4 Comments

Summary:

Path and Pinterest are getting some significant backlash because of recent decisions that appeared to put their interests ahead of their users and a lack of disclosure about that behavior. It’s a welcome reminder that the trust of users is not something to be taken lightly.

3661629219_95ce2b4124_z

Updated: Path and Pinterest are probably two of the hottest social services right now, racking up millions of users and generating an ocean of favorable coverage. But both have gotten tripped up by the same thing that has made the social web a minefield for both Facebook and Google: namely, decisions that put their interests ahead of their users and a lack of disclosure about what was going on behind the scenes or under the hood of their services. Will these missteps spell doom for either company? Probably not. But the backlash is a welcome reminder that for social apps, the trust of users is not something to be toyed with.

Path, a mobile photo-sharing app that expanded to become a full-fledged mobile social app when it relaunched a couple of months ago, was co-founded and is run by Dave Morin, an early Facebook staffer. You might think the privacy blowups that the giant social network has experienced over the past couple of years would make Path pretty sensitive to handling user data properly, but that doesn’t seem to be the case: Earlier this week, controversy erupted when it was revealed that Path was uploading all of its users’ contacts to the company’s servers, something many users have taken as a breach of their privacy.

It may not seem like a big deal, but you should still disclose it

In public comments on the blog post that first brought this to light, Morin apologized and said that Path will fix the problem in an upcoming version by requiring users to explicitly opt-in. He also tried to defend the company’s behavior by saying that it is the “industry best practice.” As a commenter on the Hacker News thread about the issue put it, however, a better phrase might be “industry lowest common denominator.”

Update: Path’s CEO later apologized in a blog post for the way the service handled users’ data, and has said that in an attempt to make up for its mistake it has deleted any address data that was stored on its servers.

It is true that other apps and services also do this, including WhatsApp, Beluga, Hipster and others, and the ability to do so has been a part of Apple’s iOS since 2008. Others have also noted in Path’s defense that Apple allows apps to upload contacts without explicitly asking users for permission – something that it doesn’t do for other data such as a user’s location. And it is also true that importing a user’s address book makes it a lot easier to scan for friends who are already on Path and that this can be a benefit for a user in the long run.

That said, however, the anger and shock that Path’s move seems to have triggered among many users — some of whom say they have deleted the app and will never return — makes it pretty clear that even if this behavior has benefits for users, the lack of disclosure about what Path was planning to do is a deal breaker for many.

Pinterest, meanwhile, did something completely different to upset some of its users, but the underlying lesson is the same: The company — which says it has built up a massive user base of more than 10 million in just two months — is a content-sharing service where fans of different products and websites can post (or “pin”) their favorites. Since popular posts can drive a lot of traffic to websites that sell these products, Pinterest has been adding affiliate links that generate revenue for the site when users click on them.

Lesson: Never take your users for granted

As many of the company’s defenders have pointed out, this behavior makes a huge amount of sense for Pinterest, since it is providing a free service and needs to generate revenue somehow. But as with Path’s move — which also makes a lot of sense from a purely utilitarian point of view — Pinterest failed to disclose what it was doing to users or at least failed to make it obvious. Perhaps the company thought (as Path likely did) that users wouldn’t mind. But it turns out that plenty of them do mind.

Path’s decision seems the more surprising of the two, if only because there are so many examples of similar undisclosed or opt-in-by-default moves that have triggered a huge amount of backlash, and not just for Facebook but for Google as well. The search giant’s engineers also clearly thought that merging people’s email contact lists with their new Buzz service was a great idea — after all, it was the most efficient way to populate a user’s follow list. But many users disagreed, and so did the federal government, and the resulting backlash arguably helped kill Google’s first attempt at a real social service.

The lesson here is that for social apps, the trust of users is paramount, and the best way to maintain that trust is to be as open as possible about everything that is occurring, particularly if it involves a user’s personal data. Whatever you are doing with it may not seem like a big deal to you, but better to be open about it than have it revealed by someone else, at which point you look sneaky. As Craigslist founder Craig Newmark has put it, “Trust is the new black,” and it never goes out of style.

Post and thumbnail photos courtesy of Flickr users Lars Plougmann and Christian Ditatompel

  1. Personally speaking, I deleted Path from my iPhone and have asked my friends to do the same. This is a scumbag move pure and simple. Apple needs to take some action against these guys otherwise their TOS is just complete BS. First, it’s wrong to outright steal the data off the phone, second it’s against Apple’s TOS.

    I see no reason why they should get away with this. The Path app needs to disappear from the app store pure. Period. If it doesn’t then why does Apple even bother having a TOS?

    Share
  2. I asked Path unambiguously to delete my information from their servers in November, and they told me they couldn’t! The first customer service rep said my account had been “closed,” but left the door open for me to “enable” my account again — meaning that they were keeping my data. The second rep told me that the company’s “internal tools” don’t allow them to delete accounts at all, but that mine would be added to a list that they’d delete someday. He said they’d e-mail me when they could do that, but they haven’t yet.

    Deleting Path from your phone won’t get your data off their servers, but it’s a start. For my part, I’m not interested in giving that company any more information about me — ever. It’s a pretty app, I suppose, but Path simply doesn’t deserve my trust.

    Share
    1. That’s simply ridiculous. Deleting an account should be trivial. I strongly suspect those “customer service representatives” were lying.

      I make web and phone apps (e.g., CardVine). I never pull stunts like what these companies have done, not only not only because I find them icky but also because it’s obvious to me they’re bad for business – users will find out, and they will be angry. I’m beginning to think maybe I and some other like-minded entrepreneurs should get together and write a sort of manifesto about how to do privacy right, to counter the sleaziness of so many in the industry. Contrary to what one often hears in Silicon Valley, privacy isn’t dead or impractical, it just doesn’t go well with the business models of many companies.

      Share
  3. Comparing Path and Pinterest is like apples and oranges. Path took personal information without asking and then in a PR move tried to cover it up by saying that they were working on it. Pinterest on the other hand is testing out a business model that doesn’t take personal information without asking. If anything, it will help generate income for users and themselves to continue to grow and keep the service free.

    Share

Comments have been disabled for this post